Security passwords should take a walk
Could log-in misery soon be a thing of the past?
Only when my smartphone died earlier this week did I truly realize just how much we rely on them. My late trusty steed, now outdated by new, faster, and certainly more expensive models on the market, was my lifeline. Importantly and unfortunately for myself, I had become heavily reliant on using password savers and 2 Factor Authentication (2FA) to log into various banking and personal affairs over the last two years. Inevitably, finding and retrieving all the correct log in details and passwords proved to be an arduous and time-consuming process.
The concept of the computer password was born in the early 1960s. Computing pioneer Fernando Corbato himself admits that he never intended for the use of a security phrase to become so widely relied upon. Unfortunately, computer passwords have become a global mania of hastily jotted down words and infuriating moments when our memories fail us. Corbato has even used the word"nightmare"to describe this escalation of alpha numerical mania.
The current IT security dogma of not using the same password for everything has led to people having dozens to remember, with each website or app enforcing different rules governing the type or length of the characters you can use. Hackers too have upped their game in recent years, and new virility in keylogging technology in recent years has made passwords more vulnerable than ever.
Instead, the future of security verification relies on biometric authentication, whether that be scanning your fingerprints, eye, face, and now even the way you walk. Earlier this year a team of researchers from the University of Pretoria and City University of Hong Kong developed a smartphone authentication system based on sensing the way an individual walks. This form of"gait analysis", takes advantage of the fact that as strange bipedal apes, the way we walk differs greatly from person to person. The system uses a smart phones pre-existing hardware to recognize gait patterns, which are then analyzed by a wearable device.
The beauty of this is that instead of relying on new smartphone handsets equipped with both new biometric features and ever-increasing eye watering prices, this simple but accurate form of biometric data can be analyzed by using the phone's accelerometer. This is a feature which even my recently deceased phone possessed during its lifespan, and one which is readily available on cheap accessible phones across the world.
No upgrades or new costs are needed in this concept which is being explored by researchers around the world and works by continuously monitoring gait-related data collected by the smartphone. There is no dreaded log in nor any intrusive scanning of fingers or faces, you are just continuously logged in so long as the system can verify that you are you, the simplest and most necessary principle of security verification. All this time while blissfully just walking going about your day to day life.
In the future, it is not hard to imagine that the system could just email the smartphone owner to notify them if any unusual gait patterns are detected, and allow trust in the accuracy of our unique gait signature for us to be continuously allowing us access.
We may soon even be able to generate power for our devices through the kinetic energy of our walks. Power and security are two significant factors in our day to day lives as we are constantly glued to our smartphones. In our current ever-complicating world of apps, financial affairs and personal social media profiles, we will need every convenience we can have.
Humans have enjoyed fully developed brains for several thousand years, yet our memories still fail us when it comes to password verification. We are living in a security system for which we are poorly evolved, but we have been walking upright for around 3 million years. We are certainly more used to doing the latter, and when it comes to smartphone security, maybe it is time to go back to basics.